Cybersecurity risk management plan

Two weeks out from the longest government shutdown in United States history—and with the possibility of another still looming—government employees are still scrambling to mitigate impacts on federal cybersecurity defenses. And the stakes are high. Furloughed cybersecurity employees returned to expired software licenses and web encryption certificates, colleagues burned out from working on skeleton crews, and weeks' worth of unanalyzed network activity logs. The job was already hard enough without having to play catch-up. "There's tension in the air," says Chris Kennedy, chief information security officer at the network security firm RiskIQ who spent more than 10 years as a federal security contractor for agencies like the Treasury, Department of Commerce and US Marine Corps. "As an incident responder, you just found activity that took place three weeks ago, and now you have to quarantine and clean up and fix it when three weeks of damage has already been done. The work is … [Read more...] about Cybersecurity Workers Scramble to Fix a Post-Shutdown Mess

Cyber criminals are targeting wealth managers and their high-net-worth clients, exploiting weak defences and poor security practice. A study from Campden Wealth and Schillings has revealed that 28 per cent of international high-net-worth families and the firms that manage their assets have already fallen victim to cyber-attacks. Despite the enormity of the risk, approximately 40 per cent of such firms fail to operate a dedicated cybersecurity policy, or appoint a professional to manage protection. Are we to believe the 72 per cent of high-net-worth individuals and their wealth managers are doing something radically different to fend off cyber-attacks, or is it just a matter of luck? The former FBI Director, Robert Mueller, was famously quoted as saying: “There are only two types of companies: those that have been hacked, and those that will be.” I’m sure Mr Mueller would be the first to confirm that relying on your luck is by no means a strategy. Wealth management firms … [Read more...] about Wealth managers targeted by cyber criminals aiming at high-net-worth clients

Didn’t get your newspaper on Saturday? Blame the hackers. The attack, which disrupted the production of several major publications, was just the latest in a long cybercriminal hitlist this year. From police departments to hospitals, cybercrime is on the rise, and cybersecurity specialists are needed. You can learn the skills to fight the hackers. It won’t happen overnight — you really need to be certified first — but the training is available online. Right now the Complete Cyber Security Certification Bundle is on offer, and you can pay what you like. This nine-part learning kit has all the instruction you need to detect and prevent cybersecurity threats. Each of the nine courses also fully prepares you for one of the top cybersecurity certification exams out there. The full cybersecurity rundown: CompTIA Security+ SY0-501 — $399 value; Computer Hacking Forensic Investigator (CHFI) — $299 value; Cisco 210-260: Implementing Cisco Network … [Read more...] about Become a certified cybersecurity specialist for as little as $1

If 2017 was the worst year for cyberattacks, according to the Online Trust Alliance, 2018 hasn't been much better. While we haven't yet seen a cyber incident on the scale of 2017's huge WannaCry and NotPetya ransomware attacks, which hit thousands of organisations globally, there have been many high-profile and damaging breaches such as those that affected Facebook and British Airways. Incidents like these can impact businesses in a number of ways. Operational systems can grind to a halt, leading to lost sales and revenues. The reputational repercussions of a data breach can travel fast in the age of social media, and be almost impossible to recover from. Finally, the introduction of GDPR adds a level of complexity that can leave businesses liable for fines of up to 4 per cent of their annual global turnover in the wake of an incident. Given that last year’s major incidents had such a significant impact on large international enterprises with huge cybersecurity resources at their … [Read more...] about Don’t play risk with your security: Five steps to achieve ISO 27001

This week marks the 21st Oracle OpenWorld conference in San Francisco, and the company wasted no time detailing the updates across its portfolio. It unveiled artificial intelligence (AI) enhancements to Enterprise Resource Planning (ERP) Cloud and Enterprise Performance Management (EPM) Cloud, its suite of project and applications management tools, and Human Capital Management Cloud (HCM), its full-stack recruiting and talent product family. And it debuted two new services — Subscription Management, an end-to-end payments solution, and CX Unity, a customer data management platform — alongside a small and medium-sized businesses (SMB) Data Cloud tier. “Oracle is uniquely positioned to help customers connect data and processes across the entire organization to drive better business outcomes,” Rondy Ng, senior vice president at Oracle, said of today’s news. “Our focus on delivering immediate business impact from the latest innovations gives … [Read more...] about Oracle debuts Subscription Management and CX Unity, updates to HCM Cloud and Data Cloud